scdaemon lockup with Yubikey NEO
the2nd at otpme.org
the2nd at otpme.org
Wed Dec 2 12:36:02 CET 2015
Hi,
here is the output for a failed session and a working one (with openssh
6.7p1).
Both times i started two ssh sessions, keeping the first one open.
Failed
gpg-agent.log - http://paste.ubuntu.com/13620856/
scd.log - http://paste.ubuntu.com/13620863/
OK
gpg-agent.log - http://paste.ubuntu.com/13621007/
scd.log - http://paste.ubuntu.com/13621013/
I am unsure if it is yubikey specific but as it is working with older
openssh versions i guess its some bug thats related to any openssh
changes.
The log always shows "error getting default authentication keyID of
card: Conflicting use" when the problem occurs.
If you say that this is not a gnupg issue i'll ask the yubico folks.
But it would be really great to get any hint what could be the problem
from someone who is familiar with the technical details. :)
regards
the2nd
On 2015-12-02 08:16, NIIBE Yutaka wrote:
> On 2015-12-01 at 11:55 +0100, the2nd at otpme.org wrote:
>> There is just one gpg-agent + scdaemon.
>
> OK.
>
>> Do you keep the first SSH session open when re-plugging the yubikey?
>
> I don't use Yubikey. I use OpenPGPcard with card reader and Gnuk
> Token. If you think your problem is Yubikey specific, it would be
> good to ask Yubikey community.
>
> I keep the SSH session when I remove my token, re-insert it and. I
> also tried with the setting of 'ForwardAgent yes' in .ssh/config and
> used SSH to another remote host. But I can't reproduce.
>
> To debug your situation, please add 'verbose' in your
> .gnupg/gpg-agent.conf and create a file .gnupg/scdaemon.conf with:
>
> =====================
> debug-level guru
> debug-all
> log-file /tmp/scd.log
> =====================
>
> Before your experiment, please set your PIN by default one, because
> the scd.log file will include your PIN information.
More information about the Gnupg-users
mailing list